SUSE-SU-2025:0226-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-20250226-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0226-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2025:0226-1
- Related
- Published
- 2025-01-27T07:26:16Z
- Modified
- 2025-01-27T07:26:16Z
- Summary
- Security update for docker-stable
- Details
-
This update for docker-stable fixes the following issues:
- CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltration (bsc#1234089).
- CVE-2024-23650: Fixed possibile BuildKit daemon crash via malicious BuildKit client or frontend request (bsc#1219437).
- References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-20250226-1/
- https://bugzilla.suse.com/1219437
- https://bugzilla.suse.com/1234089
- https://www.suse.com/security/cve/CVE-2024-23650
- https://www.suse.com/security/cve/CVE-2024-23653
- https://www.suse.com/security/cve/CVE-2024-29018
- https://www.suse.com/security/cve/CVE-2024-41110
Affected packages
SUSE:Linux Enterprise Module for Containers 15 SP6 / docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP6
openSUSE:Leap 15.6 / docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/opensuse/docker-stable&distro=openSUSE%20Leap%2015.6
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.11.1
Ecosystem specific
{
"binaries": [
{
"docker-stable": "24.0.9_ce-150000.1.11.1",
"docker-stable-fish-completion": "24.0.9_ce-150000.1.11.1",
"docker-stable-bash-completion": "24.0.9_ce-150000.1.11.1",
"docker-stable-rootless-extras": "24.0.9_ce-150000.1.11.1",
"docker-stable-zsh-completion": "24.0.9_ce-150000.1.11.1"
}
]
}